Vir na flashce

[tomesPJ]

blbě furt zástupci...

[JaRon]

zaskocim za kolegu:
pouzi Avenher - jeho script:
Files to delete:
C:\Users\Tomáš\AppData\Roaming\hgntkdlkml.vbe

[vyosek]

Diky za zaskok...

Pak poprosim o novy log z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100 at se na to podivame...

Skoda ze nam nechce ten USBFix makat

[tomesPJ]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by Tomáš (administrator) on TOMÁŠ-PC on 24-04-2014 11:21:45
Running from C:\Users\Tomáš\Desktop
Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: Czech
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
() C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Smadsoft) C:\Program Files\Smadav\SMΔRTP.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(CyberLink) C:\Acer\Empowering Technology\eAudio\eAudio.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\QtZgAcer.EXE
(CyberLink Corp.) C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
(Acer Inc.) C:\Acer\Empowering Technology\eNet\eNet Service.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\PLFSetI.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Flexera Software, Inc.) C:\Program Files\Common Files\SCIA\Protection\lmgrd.exe
(ActMask Co.,Ltd - http://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Flexera Software, Inc.) C:\Program Files\Common Files\SCIA\Protection\lmgrd.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Nemetschek SCIA) C:\Program Files\Common Files\SCIA\Protection\SCIA.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Realtek Semiconductor Corp.) C:\Users\TOM~1\AppData\Local\Temp\RtkBtMnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Acer Inc.) C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
(Acer Inc.) C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Acer\Mobility Center\MobilityService.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Nalpeiron Ltd.) C:\Windows\system32\NLSSRV32.EXE
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\system32\PrintCtrl.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Acer Inc.) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Flexera Software, Inc.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [eAudio] => C:\Acer\Empowering Technology\eAudio\eAudio.exe [1286144 2007-10-10] (CyberLink)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2007-11-22] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2008-01-24] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\QtZgAcer.EXE [707080 2008-01-02] (Dritek System Inc.)
HKLM\...\Run: [PlayMovie] => C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [200704 2008-01-22] (CyberLink Corp.)
HKLM\...\Run: [WarReg_PopUp] => C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [303104 2008-01-29] (Acer Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2007-10-23] ()
HKLM\...\Run: [eRecoveryService] => [X]
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2010-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - http://www.all2pdf.com)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-16] (AVAST Software)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [hgntkdlkml] => wscript.exe //B "C:\Users\Tomáš\AppData\Roaming\hgntkdlkml.vbe"
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Tomáš\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Tomáš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\...\Run: [hgntkdlkml] => wscript.exe //B "C:\Users\Tomáš\AppData\Roaming\hgntkdlkml.vbe"
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\...\Policies\Explorer: [NoDriveAutoRun] 0xFFFFFFFF
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files\Acer\Acer VCM\AcerVCM.exe (Acer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETAUDIO.EXE ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SETRES.EXE ()
Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hgntkdlkml.vbe ()
Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KN StrongDC.lnk
ShortcutTarget: KN StrongDC.lnk -> C:\Program Files\KN_StrongDC\StrongDC.exe (No File)
Startup: C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.0.lnk
ShortcutTarget: OpenOffice.org 3.0.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://cs.intl.acer.yahoo.com
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {68EE8512-63E5-4945-BC05-7CC06D1C6C8E} URL = http://search.yahoo.com/search?fr=chr-g ... earchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://uk.search.yahoo.com/search?p={se ... r=chr-acer
SearchScopes: HKCU - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} URL = http://search.alcohol-toolbar.com/searc ... arch-field
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKCU - No Name - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 94.74.192.252 94.74.192.244

FireFox:
========
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\n9ujpqah.default-1349801324926
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Seznam lištička - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\n9ujpqah.default-1349801324926\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2013-12-10]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-26]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-01-30]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-09]

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=12454
CHR StartupUrls: "hxxp://search.conduit.com/?ctid=CT3220468&SearchSource=48"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8312_0\npSkypeChromePlugin.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll (Foxit Software Company)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Seznam Lištička - Email) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-01-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-01-15]
CHR Extension: (Adblock Plus) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (SiteAdvisor) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2011-07-09]
CHR Extension: (Skype Click to Call) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-10-09]
CHR Extension: (Peněženka Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-09]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-01-15]
CHR HKLM\...\Chrome\Extension: [aaaangmfdabjilefmognkgcebjgcojek] - C:\Users\Tomáš\AppData\Local\APN\GoogleCRXs\aaaangmfdabjilefmognkgcebjgcojek_7.14.1.0.crx [2014-01-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

========================== Services (Whitelisted) =================

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-16] (AVAST Software)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [491008 2008-02-25] (Egis Incorporated)
R2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-10-01] (Acer Inc.)
R2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [131072 2007-12-20] (Acer Inc.)
S2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344 2007-09-10] (Acer Inc.)
S2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] ()
R3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2011-09-19] (Flexera Software, Inc.)
R2 FlexNET SCIA; C:\Program Files\Common Files\SCIA\Protection\lmgrd.exe [1334096 2009-11-21] (Flexera Software, Inc.)
S2 gupdate1c984c24c8dfdff; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-02] (Google Inc.)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-11-27] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [65536 2009-10-28] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [266343 2007-12-04] ()
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [233472 2007-09-28] (Acer Inc.)
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S2 Wisaroc; C:\Windows\Wisaroc.exe [1686020 2010-11-08] (Remak)
S2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-09-20] (acer)
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [X]
S2 Winmgmt; C:\PROGRA~2\6jlnbjrqfl.plz [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-04-16] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-04-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-04-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [776976 2014-04-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411552 2014-04-16] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-04-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180760 2014-04-16] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [192056 2008-01-21] (Společnost Microsoft)
S3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2009-03-31] ()
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [15392 2007-07-03] (Acer, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107736 2014-04-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1081912 2008-01-21] (Společnost Microsoft)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1729152 2007-12-14] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-16] (Duplex Secure Ltd.)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [90112 2009-03-20] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14976 2009-03-20] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [121856 2009-03-20] (MCCI Corporation)
R3 winbondcir; C:\Windows\System32\DRIVERS\winbondcir.sys [43008 2008-01-24] (Winbond Electronics Corporation)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [41456 2008-01-04] (Cyberlink Corp.)
U3 ao9uyezm; C:\Windows\system32\Drivers\ao9uyezm.sys [0 ] (Microsoft Corporation)
S3 asbp2poa; \??\C:\Users\TOM~1\AppData\Local\Temp\asbp2poa.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-24 11:21 - 2014-04-24 11:22 - 00025552 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-04-24 11:13 - 2014-04-24 11:13 - 00000000 ____D () C:\Avenger
2014-04-24 11:11 - 2014-04-24 11:11 - 00019286 _____ () C:\cleanup.exe
2014-04-24 11:10 - 2014-04-24 11:13 - 00001768 _____ () C:\avenger.txt
2014-04-24 11:10 - 2014-04-24 11:10 - 00135168 _____ () C:\zip.exe
2014-04-24 11:07 - 2014-04-24 11:07 - 00731136 _____ () C:\Users\Tomáš\Desktop\avenger.exe
2014-04-24 09:52 - 2014-04-24 09:52 - 00049258 _____ () C:\Users\Tomáš\Desktop\smadav.log
2014-04-24 09:36 - 2014-04-24 09:36 - 00004770 _____ () C:\Users\Tomáš\Desktop\SystemLook.txt
2014-04-24 09:04 - 2014-04-24 09:19 - 00001656 _____ () C:\Windows\system32\ASOROSet.bin
2014-04-24 08:52 - 2014-04-24 08:54 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-04-23 23:00 - 2014-04-23 23:00 - 00701664 _____ () C:\Users\Tomáš\Desktop\smadav final 23.4..txt
2014-04-23 21:36 - 2014-04-23 21:36 - 00042586 _____ () C:\Users\Tomáš\Desktop\char.pevnosti.xlsx
2014-04-23 18:57 - 2014-04-23 19:41 - 416616284 _____ () C:\Users\Tomáš\Desktop\Shameless.US.S04E11.HDTV.XviD-AFG.avi
2014-04-23 14:39 - 2014-04-23 14:39 - 00000861 _____ () C:\Users\Public\Desktop\SMADΔV.lnk
2014-04-23 14:39 - 2014-04-23 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2014-04-23 14:38 - 2014-04-24 08:35 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Paint.NET
2014-04-23 14:35 - 2014-04-23 14:36 - 01187096 _____ (SmadSoft ) C:\Users\Tomáš\Desktop\smadav97.exe
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\Program Files\FileViewPro
2014-04-23 14:24 - 2014-04-23 18:08 - 00000270 _____ () C:\Windows\Tasks\WinThruster_UPDATES.job
2014-04-23 14:24 - 2014-04-23 18:08 - 00000262 _____ () C:\Windows\Tasks\WinThruster_DEFAULT.job
2014-04-23 14:23 - 2014-04-23 14:23 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Solvusoft
2014-04-23 14:23 - 2014-04-23 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
2014-04-23 14:23 - 2014-04-23 14:23 - 00000000 ____D () C:\Program Files\WinThruster
2014-04-23 14:23 - 2012-10-15 17:02 - 00017840 _____ (solvusoft) C:\Windows\system32\roboot.exe
2014-04-23 14:20 - 2014-04-23 14:21 - 02388400 _____ () C:\Users\Tomáš\Desktop\FileViewPro_2014.exe
2014-04-23 13:30 - 2014-04-23 13:30 - 00072704 _____ (lukeXprogramming) C:\Users\Tomáš\Desktop\interpolace.exe
2014-04-22 21:07 - 2014-04-22 21:39 - 100392460 _____ () C:\Users\Tomáš\Desktop\arclkjghgh2.rar
2014-04-21 18:59 - 2014-04-21 19:24 - 450619832 _____ () C:\Users\Tomáš\Desktop\Game.of.Thrones.S04E03-cz.tit.avi
2014-04-21 13:48 - 2014-04-21 13:49 - 00139264 _____ () C:\Users\Tomáš\Desktop\SystemLook.exe
2014-04-20 12:43 - 2014-04-20 18:11 - 00000000 ____D () C:\Users\Tomáš\Desktop\arcsdtymwy1
2014-04-19 22:24 - 2014-04-19 22:25 - 00000000 ____D () C:\Users\Tomáš\Desktop\sabina fyzika
2014-04-19 22:24 - 2014-04-19 22:24 - 21073328 _____ () C:\Users\Tomáš\Desktop\prilohy_7192.zip
2014-04-19 10:42 - 2014-04-19 11:11 - 261728350 _____ () C:\Users\Tomáš\Desktop\Californication-S07E01-TitCz.avi
2014-04-17 22:11 - 2014-04-17 22:11 - 00132597 _____ () C:\Users\Tomáš\Desktop\Flash_Disinfector.exe
2014-04-17 21:37 - 2014-04-24 09:51 - 00000000 __SHD () C:\[Smad-Cage]
2014-04-17 21:37 - 2014-04-24 09:51 - 00000000 ____D () C:\Program Files\SMADAV
2014-04-17 19:19 - 2014-04-24 11:16 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 19:19 - 2014-04-17 19:19 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-17 19:19 - 2014-04-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-17 19:19 - 2014-04-17 19:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-17 19:19 - 2014-04-17 19:19 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-17 19:19 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-17 19:19 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-17 19:19 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-17 19:05 - 2014-04-17 19:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tomáš\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-17 15:54 - 2014-04-17 15:54 - 02959376 _____ (Microsoft Corporation) C:\Users\Tomáš\Desktop\dotnetfx35setup.exe
2014-04-17 15:41 - 2014-04-17 15:41 - 00017028 _____ () C:\Users\Tomáš\Desktop\AutoRunExterminator-1.8.zip
2014-04-17 15:41 - 2010-05-13 14:53 - 00047104 _____ (Inside Core) C:\Users\Tomáš\Desktop\AutoRunExterminator.exe
2014-04-17 15:39 - 2014-04-17 15:40 - 00000461 _____ () C:\Users\Tomáš\Desktop\vir.txt
2014-04-17 15:09 - 2014-04-17 15:09 - 00159806 _____ () C:\Users\Tomáš\Desktop\UnHideFolder.exe
2014-04-17 15:06 - 2014-04-17 15:27 - 00001404 _____ () C:\Users\Tomáš\Desktop\UsbFix.lnk
2014-04-17 15:06 - 2014-04-17 15:06 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Tomáš\Desktop\UsbFix (1).exe
2014-04-17 15:05 - 2014-04-17 15:24 - 00000000 ____D () C:\UsbFix
2014-04-17 15:03 - 2014-04-17 15:03 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Tomáš\Downloads\UsbFix (3).exe
2014-04-17 10:21 - 2014-04-20 12:39 - 00000000 ____D () C:\Users\Tomáš\Desktop\plocha
2014-04-17 10:13 - 2014-04-24 10:11 - 00000000 ____D () C:\Users\Tomáš\Desktop\VIR
2014-04-16 20:35 - 2014-04-16 20:36 - 00072704 _____ (lukeXprogramming) C:\Users\Tomáš\Downloads\interpolace.exe
2014-04-16 18:29 - 2014-04-16 18:29 - 00000000 ____D () C:\Stavební fyzika
2014-04-16 18:27 - 2014-04-16 18:27 - 00000000 ____D () C:\Users\Tomáš\Desktop\energie 2013
2014-04-16 18:25 - 2014-04-16 18:26 - 22301768 _____ () C:\Users\Tomáš\Downloads\energie-2013-lt.zip
2014-04-16 15:17 - 2014-04-16 15:47 - 00000000 ____D () C:\AdwCleaner
2014-04-16 13:06 - 2014-04-16 13:07 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Tomáš\Downloads\UsbFix (1).exe
2014-04-16 13:05 - 2014-04-16 13:06 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Tomáš\Downloads\UsbFix.exe
2014-04-16 12:56 - 2014-04-16 12:56 - 00029696 _____ () C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2014-04-16 12:44 - 2014-04-24 11:21 - 00000000 ____D () C:\FRST
2014-04-16 12:42 - 2014-04-24 10:10 - 01048576 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST.exe
2014-04-16 10:11 - 2014-04-16 10:11 - 02346904 _____ (ESET) C:\Users\Tomáš\Downloads\esetsmartinstaller_csy.exe
2014-04-16 10:09 - 2014-04-16 10:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-16 00:06 - 2014-04-16 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USBDriveFresher
2014-04-16 00:06 - 2014-04-16 00:06 - 00000000 ____D () C:\Program Files\USBDriveFresher
2014-04-16 00:05 - 2014-04-16 00:05 - 04166327 _____ (Affinity-Tools ) C:\Users\Tomáš\Downloads\usbfreshersetup.exe
2014-04-15 14:51 - 2014-04-15 14:55 - 66852894 _____ () C:\Users\Tomáš\Downloads\sigur-ros---ágćtis-byrjun-(1999).rar
2014-04-13 15:10 - 2014-04-13 15:10 - 00622080 _____ () C:\Users\Tomáš\Downloads\kalkulator-ejot-hmozdinky-ver123 (1).xls
2014-04-13 11:34 - 2014-04-13 11:34 - 01831129 _____ () C:\Users\Tomáš\Downloads\prilohy_25995.zip
2014-04-13 11:33 - 2014-04-13 11:33 - 01416410 _____ () C:\Users\Tomáš\Downloads\prilohy_26007.zip
2014-04-12 21:44 - 2014-04-12 22:12 - 454262631 _____ () C:\Users\Tomáš\Downloads\CH04-Vybrané-stati-z-pozemního-stavitelství-(S-PST).rar
2014-04-12 20:33 - 2014-04-12 21:23 - 884569082 _____ () C:\Users\Tomáš\Downloads\CH04---Vybrané-stati-z-pozemního-stavitelství.rar
2014-04-12 18:56 - 2014-04-12 19:26 - 81336979 _____ () C:\Users\Tomáš\Downloads\www.NewAlbumReleases.net_The Pains of Being Pure at Heart - Days of Abandon (2014).rar
2014-04-11 19:18 - 2014-04-11 19:18 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-11 19:17 - 2014-04-11 19:18 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Tomáš\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-09 19:56 - 2014-04-09 19:56 - 00622080 _____ () C:\Users\Tomáš\Downloads\kalkulator-ejot-hmozdinky-ver123.xls
2014-04-09 19:56 - 2014-04-09 19:56 - 00230912 _____ () C:\Users\Tomáš\Downloads\Vypocet-vetrovych-oblasti.xls
2014-04-08 15:09 - 2014-04-08 15:11 - 63741683 _____ () C:\Users\Tomáš\Downloads\JMC-Automatic.zip
2014-04-03 10:18 - 2014-04-03 10:18 - 03134125 _____ () C:\Users\Tomáš\Downloads\MOJE.xlsx
2014-04-02 12:42 - 2014-04-02 12:42 - 00000851 _____ () C:\Users\Tomáš\Desktop\Wdls 4.1 demo.lnk
2014-04-02 12:42 - 2014-04-02 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astra MS Software
2014-04-02 12:42 - 2014-04-02 12:42 - 00000000 ____D () C:\Program Files\Astra 92
2014-04-02 12:42 - 2013-03-11 09:02 - 00040960 _____ () C:\Windows\system32\BCGCBResCSY.dll
2014-04-02 12:42 - 2013-03-11 08:56 - 00082296 _____ () C:\Users\Tomáš\Downloads\Documents\Vestavba haly.dls
2014-04-02 12:42 - 2013-03-11 08:56 - 00059553 _____ () C:\Users\Tomáš\Downloads\Documents\Atrium.dls
2014-04-02 12:42 - 2013-03-11 08:56 - 00053076 _____ () C:\Users\Tomáš\Downloads\Documents\Přes chodbu.dls
2014-04-02 12:42 - 2013-03-11 08:56 - 00041262 _____ () C:\Users\Tomáš\Downloads\Documents\Podkroví.dls
2014-04-02 12:42 - 2013-03-11 08:56 - 00025730 _____ () C:\Users\Tomáš\Downloads\Documents\L místnost.dls
2014-04-02 12:42 - 2013-03-11 08:56 - 00021020 _____ () C:\Users\Tomáš\Downloads\Documents\Wdls.dls
2014-04-02 12:42 - 2013-03-11 08:56 - 00000004 __RSH () C:\Windows\AstraWdls41_d.sec
2014-04-02 12:42 - 2010-01-06 10:56 - 00045056 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraSec125.dll
2014-04-02 12:42 - 2010-01-06 10:56 - 00045056 _____ (ASTRA 92 a.s.) C:\Windows\system32\AstraData120.dll
2014-04-02 12:42 - 2000-12-20 07:26 - 00688128 _____ () C:\Windows\system32\BCGCB474.dll
2014-04-01 12:07 - 2014-04-01 12:07 - 02233692 _____ () C:\Users\Tomáš\Downloads\MOJE+LAMELA.xlsx
2014-03-29 18:09 - 2014-03-29 18:09 - 00374784 _____ () C:\Users\Tomáš\Downloads\UT_08_L_N.xls
2014-03-29 18:09 - 2014-03-29 18:09 - 00286208 _____ () C:\Users\Tomáš\Downloads\UT_08_L_Z.xls
2014-03-29 17:33 - 2014-03-29 17:33 - 00349184 _____ () C:\Users\Tomáš\Downloads\32_18_05-Průřezové-moduly.ppt

==================== One Month Modified Files and Folders =======

2014-04-24 11:22 - 2014-04-24 11:21 - 00025552 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-04-24 11:22 - 2008-08-26 20:06 - 01898176 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 11:21 - 2014-04-16 12:44 - 00000000 ____D () C:\FRST
2014-04-24 11:19 - 2013-12-10 10:02 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Seznam.cz
2014-04-24 11:16 - 2014-04-17 19:19 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-24 11:13 - 2014-04-24 11:13 - 00000000 ____D () C:\Avenger
2014-04-24 11:13 - 2014-04-24 11:10 - 00001768 _____ () C:\avenger.txt
2014-04-24 11:13 - 2013-10-09 10:56 - 66489780 _____ () C:\Windows\PFRO.log
2014-04-24 11:13 - 2009-06-30 15:50 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 11:13 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 11:13 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-24 11:13 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-24 11:12 - 2008-08-28 16:54 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-04-24 11:12 - 2006-11-02 15:01 - 00032610 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-24 11:11 - 2014-04-24 11:11 - 00019286 _____ () C:\cleanup.exe
2014-04-24 11:10 - 2014-04-24 11:10 - 00135168 _____ () C:\zip.exe
2014-04-24 11:10 - 2008-08-26 17:07 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Last.fm
2014-04-24 11:07 - 2014-04-24 11:07 - 00731136 _____ () C:\Users\Tomáš\Desktop\avenger.exe
2014-04-24 10:32 - 2012-09-12 16:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-24 10:11 - 2014-04-17 10:13 - 00000000 ____D () C:\Users\Tomáš\Desktop\VIR
2014-04-24 10:10 - 2014-04-16 12:42 - 01048576 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST.exe
2014-04-24 09:52 - 2014-04-24 09:52 - 00049258 _____ () C:\Users\Tomáš\Desktop\smadav.log
2014-04-24 09:51 - 2014-04-17 21:37 - 00000000 __SHD () C:\[Smad-Cage]
2014-04-24 09:51 - 2014-04-17 21:37 - 00000000 ____D () C:\Program Files\SMADAV
2014-04-24 09:36 - 2014-04-24 09:36 - 00004770 _____ () C:\Users\Tomáš\Desktop\SystemLook.txt
2014-04-24 09:20 - 2008-08-26 14:17 - 00000000 ____D () C:\Users\Tomáš
2014-04-24 09:19 - 2014-04-24 09:04 - 00001656 _____ () C:\Windows\system32\ASOROSet.bin
2014-04-24 09:19 - 2006-11-02 12:22 - 55050240 _____ () C:\Windows\system32\config\software.bak
2014-04-24 09:19 - 2006-11-02 12:22 - 27000832 _____ () C:\Windows\system32\config\system.bak
2014-04-24 09:19 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-04-24 09:17 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-04-24 08:54 - 2014-04-24 08:52 - 00000000 ____D () C:\Windows\system32\config\RCCBakup
2014-04-24 08:35 - 2014-04-23 14:38 - 00000000 ____D () C:\Users\Tomáš\AppData\Local\Paint.NET
2014-04-23 23:00 - 2014-04-23 23:00 - 00701664 _____ () C:\Users\Tomáš\Desktop\smadav final 23.4..txt
2014-04-23 22:59 - 2011-09-20 20:49 - 00000000 ____D () C:\Program Files\AutoCAD 2008
2014-04-23 22:59 - 2008-08-26 14:17 - 00000000 ___RD () C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-23 22:59 - 2008-08-26 14:17 - 00000000 ___RD () C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-23 22:59 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-23 22:59 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-23 22:59 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-23 22:59 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-23 21:36 - 2014-04-23 21:36 - 00042586 _____ () C:\Users\Tomáš\Desktop\char.pevnosti.xlsx
2014-04-23 19:41 - 2014-04-23 18:57 - 416616284 _____ () C:\Users\Tomáš\Desktop\Shameless.US.S04E11.HDTV.XviD-AFG.avi
2014-04-23 19:41 - 2008-08-30 16:05 - 00062976 _____ () C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-23 18:08 - 2014-04-23 14:24 - 00000270 _____ () C:\Windows\Tasks\WinThruster_UPDATES.job
2014-04-23 18:08 - 2014-04-23 14:24 - 00000262 _____ () C:\Windows\Tasks\WinThruster_DEFAULT.job
2014-04-23 14:39 - 2014-04-23 14:39 - 00000861 _____ () C:\Users\Public\Desktop\SMADΔV.lnk
2014-04-23 14:39 - 2014-04-23 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2014-04-23 14:36 - 2014-04-23 14:35 - 01187096 _____ (SmadSoft ) C:\Users\Tomáš\Desktop\smadav97.exe
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
2014-04-23 14:26 - 2014-04-23 14:26 - 00000000 ____D () C:\Program Files\FileViewPro
2014-04-23 14:26 - 2014-02-26 23:23 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-23 14:23 - 2014-04-23 14:23 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Solvusoft
2014-04-23 14:23 - 2014-04-23 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster
2014-04-23 14:23 - 2014-04-23 14:23 - 00000000 ____D () C:\Program Files\WinThruster
2014-04-23 14:21 - 2014-04-23 14:20 - 02388400 _____ () C:\Users\Tomáš\Desktop\FileViewPro_2014.exe
2014-04-23 13:30 - 2014-04-23 13:30 - 00072704 _____ (lukeXprogramming) C:\Users\Tomáš\Desktop\interpolace.exe
2014-04-22 21:39 - 2014-04-22 21:07 - 100392460 _____ () C:\Users\Tomáš\Desktop\arclkjghgh2.rar
2014-04-21 19:24 - 2014-04-21 18:59 - 450619832 _____ () C:\Users\Tomáš\Desktop\Game.of.Thrones.S04E03-cz.tit.avi
2014-04-21 13:49 - 2014-04-21 13:48 - 00139264 _____ () C:\Users\Tomáš\Desktop\SystemLook.exe
2014-04-20 18:11 - 2014-04-20 12:43 - 00000000 ____D () C:\Users\Tomáš\Desktop\arcsdtymwy1
2014-04-20 12:39 - 2014-04-17 10:21 - 00000000 ____D () C:\Users\Tomáš\Desktop\plocha
2014-04-19 22:25 - 2014-04-19 22:24 - 00000000 ____D () C:\Users\Tomáš\Desktop\sabina fyzika
2014-04-19 22:24 - 2014-04-19 22:24 - 21073328 _____ () C:\Users\Tomáš\Desktop\prilohy_7192.zip
2014-04-19 11:11 - 2014-04-19 10:42 - 261728350 _____ () C:\Users\Tomáš\Desktop\Californication-S07E01-TitCz.avi
2014-04-17 22:11 - 2014-04-17 22:11 - 00132597 _____ () C:\Users\Tomáš\Desktop\Flash_Disinfector.exe
2014-04-17 19:19 - 2014-04-17 19:19 - 00000903 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-17 19:19 - 2014-04-17 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-17 19:19 - 2014-04-17 19:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-17 19:19 - 2014-04-17 19:19 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-17 19:06 - 2014-04-17 19:05 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tomáš\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-17 18:40 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-17 15:54 - 2014-04-17 15:54 - 02959376 _____ (Microsoft Corporation) C:\Users\Tomáš\Desktop\dotnetfx35setup.exe
2014-04-17 15:41 - 2014-04-17 15:41 - 00017028 _____ () C:\Users\Tomáš\Desktop\AutoRunExterminator-1.8.zip
2014-04-17 15:40 - 2014-04-17 15:39 - 00000461 _____ () C:\Users\Tomáš\Desktop\vir.txt
2014-04-17 15:27 - 2014-04-17 15:06 - 00001404 _____ () C:\Users\Tomáš\Desktop\UsbFix.lnk
2014-04-17 15:24 - 2014-04-17 15:05 - 00000000 ____D () C:\UsbFix
2014-04-17 15:09 - 2014-04-17 15:09 - 00159806 _____ () C:\Users\Tomáš\Desktop\UnHideFolder.exe
2014-04-17 15:06 - 2014-04-17 15:06 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Tomáš\Desktop\UsbFix (1).exe
2014-04-17 15:03 - 2014-04-17 15:03 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Tomáš\Downloads\UsbFix (3).exe
2014-04-17 10:26 - 2013-11-10 15:46 - 00000000 ____D () C:\Users\Tomáš\Desktop\foto
2014-04-17 10:18 - 2013-02-06 14:17 - 00000000 ____D () C:\Users\Tomáš\Desktop\BP 2013!!!
2014-04-16 20:36 - 2014-04-16 20:35 - 00072704 _____ (lukeXprogramming) C:\Users\Tomáš\Downloads\interpolace.exe
2014-04-16 18:34 - 2014-03-23 20:22 - 00000000 ____D () C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tepelná technika
2014-04-16 18:33 - 2011-11-15 11:40 - 00000000 ____D () C:\Program Files\Common Files\Svoboda Software
2014-04-16 18:29 - 2014-04-16 18:29 - 00000000 ____D () C:\Stavební fyzika
2014-04-16 18:27 - 2014-04-16 18:27 - 00000000 ____D () C:\Users\Tomáš\Desktop\energie 2013
2014-04-16 18:26 - 2014-04-16 18:25 - 22301768 _____ () C:\Users\Tomáš\Downloads\energie-2013-lt.zip
2014-04-16 15:47 - 2014-04-16 15:17 - 00000000 ____D () C:\AdwCleaner
2014-04-16 15:19 - 2008-08-26 16:56 - 00000000 ____D () C:\ProgramData\ICQ
2014-04-16 14:30 - 2009-06-30 15:50 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-16 13:07 - 2014-04-16 13:06 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Tomáš\Downloads\UsbFix (1).exe
2014-04-16 13:06 - 2014-04-16 13:05 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Tomáš\Downloads\UsbFix.exe
2014-04-16 12:56 - 2014-04-16 12:56 - 00029696 _____ () C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2014-04-16 11:15 - 2009-02-02 01:04 - 00000924 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-04-16 10:12 - 2008-08-26 14:47 - 00000000 ____D () C:\Program Files\ESET
2014-04-16 10:11 - 2014-04-16 10:11 - 02346904 _____ (ESET) C:\Users\Tomáš\Downloads\esetsmartinstaller_csy.exe
2014-04-16 10:09 - 2014-04-16 10:09 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-16 10:09 - 2013-10-09 11:21 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-16 10:09 - 2013-10-09 11:21 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-04-16 10:09 - 2013-10-09 11:21 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-04-16 10:09 - 2013-10-09 11:21 - 00001877 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-16 10:09 - 2013-10-09 11:20 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-16 10:09 - 2013-10-09 11:20 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-16 10:09 - 2013-10-09 11:20 - 00180760 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-16 10:09 - 2013-10-09 11:20 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-16 10:09 - 2013-10-09 11:20 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-16 00:06 - 2014-04-16 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USBDriveFresher
2014-04-16 00:06 - 2014-04-16 00:06 - 00000000 ____D () C:\Program Files\USBDriveFresher
2014-04-16 00:05 - 2014-04-16 00:05 - 04166327 _____ (Affinity-Tools ) C:\Users\Tomáš\Downloads\usbfreshersetup.exe
2014-04-15 14:55 - 2014-04-15 14:51 - 66852894 _____ () C:\Users\Tomáš\Downloads\sigur-ros---ágćtis-byrjun-(1999).rar
2014-04-14 19:33 - 2009-02-02 01:11 - 00001975 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-13 17:07 - 2013-09-05 18:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-13 17:01 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-13 15:10 - 2014-04-13 15:10 - 00622080 _____ () C:\Users\Tomáš\Downloads\kalkulator-ejot-hmozdinky-ver123 (1).xls
2014-04-13 11:34 - 2014-04-13 11:34 - 01831129 _____ () C:\Users\Tomáš\Downloads\prilohy_25995.zip
2014-04-13 11:33 - 2014-04-13 11:33 - 01416410 _____ () C:\Users\Tomáš\Downloads\prilohy_26007.zip
2014-04-12 22:12 - 2014-04-12 21:44 - 454262631 _____ () C:\Users\Tomáš\Downloads\CH04-Vybrané-stati-z-pozemního-stavitelství-(S-PST).rar
2014-04-12 21:23 - 2014-04-12 20:33 - 884569082 _____ () C:\Users\Tomáš\Downloads\CH04---Vybrané-stati-z-pozemního-stavitelství.rar
2014-04-12 19:26 - 2014-04-12 18:56 - 81336979 _____ () C:\Users\Tomáš\Downloads\www.NewAlbumReleases.net_The Pains of Being Pure at Heart - Days of Abandon (2014).rar
2014-04-11 19:18 - 2014-04-11 19:18 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-04-11 19:18 - 2014-04-11 19:17 - 10245808 _____ (BlueStack Systems Inc.) C:\Users\Tomáš\Downloads\BlueStacks-SplitInstaller_native.exe
2014-04-09 19:56 - 2014-04-09 19:56 - 00622080 _____ () C:\Users\Tomáš\Downloads\kalkulator-ejot-hmozdinky-ver123.xls
2014-04-09 19:56 - 2014-04-09 19:56 - 00230912 _____ () C:\Users\Tomáš\Downloads\Vypocet-vetrovych-oblasti.xls
2014-04-08 15:11 - 2014-04-08 15:09 - 63741683 _____ () C:\Users\Tomáš\Downloads\JMC-Automatic.zip
2014-04-03 15:44 - 2012-04-12 22:17 - 00004096 _____ () C:\Users\Tomáš\AppData\Local\keyfile3.drm
2014-04-03 10:18 - 2014-04-03 10:18 - 03134125 _____ () C:\Users\Tomáš\Downloads\MOJE.xlsx
2014-04-03 09:51 - 2014-04-17 19:19 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-17 19:19 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-17 19:19 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 12:42 - 2014-04-02 12:42 - 00000851 _____ () C:\Users\Tomáš\Desktop\Wdls 4.1 demo.lnk
2014-04-02 12:42 - 2014-04-02 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astra MS Software
2014-04-02 12:42 - 2014-04-02 12:42 - 00000000 ____D () C:\Program Files\Astra 92
2014-04-02 09:54 - 2013-10-09 11:21 - 00006183 _____ () C:\Windows\setupact.log
2014-04-01 12:07 - 2014-04-01 12:07 - 02233692 _____ () C:\Users\Tomáš\Downloads\MOJE+LAMELA.xlsx
2014-03-31 09:35 - 2013-10-09 00:50 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-29 18:09 - 2014-03-29 18:09 - 00374784 _____ () C:\Users\Tomáš\Downloads\UT_08_L_N.xls
2014-03-29 18:09 - 2014-03-29 18:09 - 00286208 _____ () C:\Users\Tomáš\Downloads\UT_08_L_Z.xls
2014-03-29 17:33 - 2014-03-29 17:33 - 00349184 _____ () C:\Users\Tomáš\Downloads\32_18_05-Průřezové-moduly.ppt

Files to move or delete:
====================
C:\ProgramData\lfqrjbnlj6.ctrl
C:\ProgramData\lfqrjbnlj6.pff
C:\ProgramData\rf0fl.exe


Some content of TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\BackupSetup.exe
C:\Users\Tomáš\AppData\Local\Temp\install_helper.exe
C:\Users\Tomáš\AppData\Local\Temp\Quarantine.exe
C:\Users\Tomáš\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Tomáš\AppData\Local\Temp\tbuTo0.dll
C:\Users\Tomáš\AppData\Local\Temp\{9B18B9BE-96A5-44E4-80C0-211E401997F6}-GoogleUpdateSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-24 11:20

==================== End Of Log ============================

[JaRon]

zopakuj akciu fixlist:

Kód: Vybrat vše

Start

HKLM\...\Run: [hgntkdlkml] => wscript.exe //B "C:\Users\Tomáš\AppData\Roaming\hgntkdlkml.vbe"
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\...\Run: [hgntkdlkml] => wscript.exe //B "C:\Users\Tomáš\AppData\Roaming\hgntkdlkml.vbe"

C:\ProgramData\lfqrjbnlj6.ctrl
C:\ProgramData\lfqrjbnlj6.pff
C:\ProgramData\rf0fl.exe




End

[tomesPJ]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 24-04-2014
Ran by Tomáš at 2014-04-24 12:05:31 Run:2
Running from C:\Users\Tomáš\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start

HKLM\...\Run: [hgntkdlkml] => wscript.exe //B "C:\Users\Tomáš\AppData\Roaming\hgntkdlkml.vbe"
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\...\Run: [hgntkdlkml] => wscript.exe //B "C:\Users\Tomáš\AppData\Roaming\hgntkdlkml.vbe"

C:\ProgramData\lfqrjbnlj6.ctrl
C:\ProgramData\lfqrjbnlj6.pff
C:\ProgramData\rf0fl.exe




End

*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\hgntkdlkml => Value deleted successfully.
HKU\S-1-5-21-715463585-2862221041-1881526869-1000\Software\Microsoft\Windows\CurrentVersion\Run\\hgntkdlkml => Value deleted successfully.
C:\ProgramData\lfqrjbnlj6.ctrl => Moved successfully.
C:\ProgramData\lfqrjbnlj6.pff => Moved successfully.
C:\ProgramData\rf0fl.exe => Moved successfully.

==== End of Fixlog ====

[JaRon]

napis, ci je stale problem
kolega Ta uz dorazi, na mna ide hlad

[vyosek]

Jeste maly vlez, jeste vytvor tento fixlist, spust FRST a klik na FIX. Pak napis jestli jsou problemy

Kód: Vybrat vše

Start
S2 McAfee SiteAdvisor Service; c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe [X]
S2 Winmgmt; C:\PROGRA~2\6jlnbjrqfl.plz [X]

U3 ao9uyezm; C:\Windows\system32\Drivers\ao9uyezm.sys [0 ] (Microsoft Corporation)
S3 asbp2poa; \??\C:\Users\TOM~1\AppData\Local\Temp\asbp2poa.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys [X]

2014-04-24 11:21 - 2014-04-24 11:22 - 00025552 _____ () C:\Users\Tomáš\Desktop\FRST.txt
2014-04-24 11:13 - 2014-04-24 11:13 - 00000000 ____D () C:\Avenger
2014-04-24 11:11 - 2014-04-24 11:11 - 00019286 _____ () C:\cleanup.exe
2014-04-24 11:10 - 2014-04-24 11:13 - 00001768 _____ () C:\avenger.txt
2014-04-24 11:10 - 2014-04-24 11:10 - 00135168 _____ () C:\zip.exe
2014-04-24 11:07 - 2014-04-24 11:07 - 00731136 _____ () C:\Users\Tomáš\Desktop\avenger.exe
2014-04-24 09:52 - 2014-04-24 09:52 - 00049258 _____ () C:\Users\Tomáš\Desktop\smadav.log
2014-04-24 09:36 - 2014-04-24 09:36 - 00004770 _____ () C:\Users\Tomáš\Desktop\SystemLook.txt
2014-04-23 14:23 - 2012-10-15 17:02 - 00017840 _____ (solvusoft) C:\Windows\system32\roboot.exe
2014-04-22 21:07 - 2014-04-22 21:39 - 100392460 _____ () C:\Users\Tomáš\Desktop\arclkjghgh2.rar
2014-04-16 10:11 - 2014-04-16 10:11 - 02346904 _____ (ESET) C:\Users\Tomáš\Downloads\esetsmartinstaller_csy.exe
2014-04-16 13:06 - 2014-04-16 13:07 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Tomáš\Downloads\UsbFix (1).exe
2014-04-16 13:05 - 2014-04-16 13:06 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Tomáš\Downloads\UsbFix.exe
2014-04-16 12:56 - 2014-04-16 12:56 - 00029696 _____ () C:\Users\Tomáš\AppData\Local\MSGBOX.EXE
2014-04-17 15:39 - 2014-04-17 15:40 - 00000461 _____ () C:\Users\Tomáš\Desktop\vir.txt
2014-04-17 15:09 - 2014-04-17 15:09 - 00159806 _____ () C:\Users\Tomáš\Desktop\UnHideFolder.exe
2014-04-17 15:06 - 2014-04-17 15:27 - 00001404 _____ () C:\Users\Tomáš\Desktop\UsbFix.lnk
2014-04-17 15:06 - 2014-04-17 15:06 - 03006996 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Tomáš\Desktop\UsbFix (1).exe
2014-04-17 15:05 - 2014-04-17 15:24 - 00000000 ____D () C:\UsbFix
2014-04-17 15:03 - 2014-04-17 15:03 - 01144875 _____ (El Desaparecido - SosVirus.net) C:\Users\Tomáš\Downloads\UsbFix (3).exe
2014-04-17 19:05 - 2014-04-17 19:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tomáš\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-17 15:54 - 2014-04-17 15:54 - 02959376 _____ (Microsoft Corporation) C:\Users\Tomáš\Desktop\dotnetfx35setup.exe
2014-04-17 15:41 - 2014-04-17 15:41 - 00017028 _____ () C:\Users\Tomáš\Desktop\AutoRunExterminator-1.8.zip
2014-04-17 15:41 - 2010-05-13 14:53 - 00047104 _____ (Inside Core) C:\Users\Tomáš\Desktop\AutoRunExterminator.exe
2014-04-17 22:11 - 2014-04-17 22:11 - 00132597 _____ () C:\Users\Tomáš\Desktop\Flash_Disinfector.exe
2014-04-24 11:13 - 2014-04-24 11:13 - 00000000 ____D () C:\Avenger
2014-04-24 11:13 - 2014-04-24 11:10 - 00001768 _____ () C:\avenger.txt
2014-04-24 11:13 - 2009-06-30 15:50 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 10:32 - 2012-09-12 16:22 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 18:08 - 2014-04-23 14:24 - 00000270 _____ () C:\Windows\Tasks\WinThruster_UPDATES.job
2014-04-23 18:08 - 2014-04-23 14:24 - 00000262 _____ () C:\Windows\Tasks\WinThruster_DEFAULT.job

End

[tomesPJ]

diky moc pánové!!!
mělo by být po všem

[vyosek]

I za kolegu neni zac, fixlog pro kontrolu by byl prosim